July 11, 201114 yr Great article from Wired: http://www.wired.com/threatlevel/2011/07/how-digital-detectives-deciphered-stuxnet/all/1 ETA: Another good article on this topic from Vanity Fair: http://www.vanityfair.com/culture/features/2011/04/stuxnet-201104?printable=true
July 11, 201114 yr Great article from Wired: http://www.wired.com/threatlevel/2011/07/how-digital-detectives-deciphered-stuxnet/all/1 Very nice story, ciberwar is emerging more and more these days and I'm astonished how difficult is to identify military-class malicious codes. More shocking is that all four zero-day sploits used by the malware was public but yet not patched by Microsoft. Maybe MS could offer some reward to those who identify sploits to increase early direct reports.
July 12, 201114 yr Author Another good article on this topic from Vanity Fair: http://www.vanityfair.com/culture/features/2011/04/stuxnet-201104?printable=true
July 13, 201114 yr Wow! In the second half of the 1980s, and early 1990s, I was involved in building , programming and installing Siemens 5 series PLCs, using Step5. We were also producing hardware which would facilitate networking and PC interfacing of the PLCs. They've obviously moved on a couple of generations to Series 7 and Step7, but the STL code snippets still look familiar. However, as the article mentions, you do need a detailed knowledge about the configuration and programing of the particular implementation in order to do anything of this nature. The creators/perpetrators of StuxNet must have had a mole within the control system development team.
July 13, 201114 yr Author The creators/perpetrators of StuxNet must have had a mole within the control system development team. Well, have another look at the response from a Siemens staff member. I think it was in the second article...
Archived
This topic is now archived and is closed to further replies.